Spas Ivanov: Bulgaria is the most vulnerable country in the EU to cyberattacks
Bulgaria ranks last among the EU countries for safety in the digital environment, the main reason being the breakthroughs in the consumer culture. In addition, there is not only one CERT cyberattack protection center in the country, while in the Czech Republic, for example, 57 such teams operate, with public-private partnerships working with the decision to create them, instead of being part of a state structure. The problem in Bulgaria is not technology, but legislation. That’s what he said Spas Ivanov, Managing Director at Baseline Cyber Security, in the program “Investor Club” on Bloomberg TV Bulgaria with leader Ivaylo Lakov.
Bulgaria ranks last among the countries in the EU, together with Indonesia, Vietnam, etc., being the only European country in the black Top-10 unreliability. This means that a company related to digital nomads is looking for the safest places where you can work remotely in an online environment, Ivanov explained. According to him, the “probability of a given territory” is taken as a starting point for creating the ranking. to become a victim of various types of phishing and fraudulent schemes”.
“Bulgaria has been for many years haven for phishing and scams, due to low consumer culture. We perform very poorly in this regard, because we missed 10 years in which to educate our population”.
We fell behind in the rankings for internet speedsaid the guest. “We’re already in 90th place there because when we made our investment to renew the network they were lagging behind, but since then they’ve also renewed it and ours is getting old.” There is a cyclicality, and that’s not so scary.”
If we exclude a few large cities, we will see that a large part of users are extremely poorly prepared for working in a digital environment. They are of any age, they left the education system a decade ago, but with the widespread use of smartphones, they are the target of hacker attacks, warned Ivanov. “These are our fathers and mothers, but hackers are not interested in that, but to achieve their goals”.
“In the last six months, when the Ministry of our e-governance was created, so many things happened in the state administration that were not created in 10 years. a vision of how to manage public IT security. This vision was available for the first time. The process is terribly long and it will take decades to bring it into the norms and meet the standards in the USA, in Germany, in Great Britain. But an awful lot of effort went into it.”
It is standard to support real-time rapid response teams. Such teams CERT (Computer Emergency Response Team) exist in USA, UK, Canada, Australia, China, Italy, Spain, etc. And these teams consist of hundreds of people. IN Bulgaria has one and “it is not even as prepared and well-equipped in terms of people as it should be,” the expert warned. “Only a few people work there. The Czech Republic, which is not much bigger than our country, has 57 CERTs, two-thirds of which are private”.
In Bulgaria public-private partnerships in this area are not legally regulated so that private companies who would like to work in this direction can create such centers, explains Ivanov. “The state must make an analysis – do you have the people, technology, processes and procedures, or is it good to entrust the activity to the company that will be responsible for debt – including insurance, financial, etc. Czechs, and all over the world people have realized that this it is beyond the power of a state administration, because it is not attractive enough for the best in the sector. But it is precisely the best IT specialists who should take care of state security”.
“The way is to force it sector CERTs. This means that a different center takes care of security in healthcare, security in the financial system, etc. This has been done in a number of European countries and in the USA”.
The problem in Bulgaria is not technology, but legislationSpas Ivanov was categorical. “Parliament must work, and intensively, in the field of e-governance for a month or two to realize what we have missed and slept on for the past decades. We spent tons of money and slept for decades – over BGN 2.5 billionand you end up realizing almost nothing from the added goals. Realized by 10% submit the added tasks”.
“Money will continue to be invested in e-governance to bring it to a workable option.” but we must invest them wisely. In this last six months, I have noticed that something is being done in the direction, and with unprecedented optimism and enthusiasm, which was missing until now”.
As for the cyber environment against the background of the war in Ukraine, the interlocutor stated that it he seems strangely calm in the background the happening hot war in Ukraine. “Apparently there is something that happens in the background and I guess we’ll find out in time.”
“There are cyber attacks, but they are far from the intensity that was expected, given the fact that cyber warfare is one of the main weapons of Russia, and of all the great powers in the world – China, the USA, Israel as well. There is no discernible targeting of Ukrainian attacks on law enforcement agencies or their governance. There are rather episodic manifestations of individual hacker groups”.
Why is machine voting in the Bulgarian environment many times more reliable and secured against fraud than paper voting? Why would any attempt to manipulate election results become a “logistical nightmare”?
See full video commentary.
All guests of the show “Investor Club” can watch here.